🧠 Google Cloud SQL Instance IAM Database Authentication is not enabled - prod.logic.yaml🟢
- Contextual name: 🧠 prod.logic.yaml🟢
- ID:
/ce/ca/google/sql/instance-iam-database-authentication/prod.logic.yaml - Tags:
Uses
Test Results 🟢
Generated at: 2026-05-26T22:48:12.215347582Z Open
| Result | Id | Condition Index | Condition Text | Runtime Error |
|---|---|---|---|---|
| 🟢 | a8Eiam0 | ✔️ 99 | ✔️ isDisappeared(CA10__disappearanceTime__c) | ✔️ null |
| 🟢 | a8Eiam1 | ✔️ 199 | ✔️ not(extract('CA10__databaseVersion__c').contains('MYSQL') || extract('CA10__databaseVersion__c').contains('POSTGRES')) | ✔️ null |
| 🟢 | a8Eiam2 | ✔️ 299 | ✔️ extract('CA10__databaseVersion__c').contains('POSTGRES') && extract('caJsonText__databaseFlagsCloudsqlIamAuthenticationFlagValue__c') == 'on' | ✔️ null |
| 🟢 | a8Eiam3 | ✔️ 399 | ✔️ extract('CA10__databaseVersion__c').contains('MYSQL') && extract('caJsonText__databaseFlagsCloudsqlIamAuthenticationMysqlFlagValue__c') == 'on' | ✔️ null |
| 🟢 | a8Eiam4 | ✔️ 400 | ✔️ otherwise | ✔️ null |
| 🟢 | a8Eiam5 | ✔️ 302 | ✔️ CA10__databaseFlagsJson__c.asJson().isEmpty() | ✔️ null |
Generation Bundle
| File | MD5 | |
|---|---|---|
| Open | /ce/ca/google/sql/instance-iam-database-authentication/policy.yaml | 8021796E0E5E7C05E76066002084F55D |
| Open | /ce/ca/google/sql/instance-iam-database-authentication/prod.logic.yaml | F39AC18E91D8147ED41565B35CA939A8 |
| Open | /ce/ca/google/sql/instance-iam-database-authentication/test-data.json | 884530A53EA909B3E6422632F8595928 |
| Open | /types/CA10__CaGoogleSqlInstance__c/object.extracts.yaml | D357E312FE3FECE94E57ECC9C416D2B4 |
Available Commands
repo-manager policies generate FULL /ce/ca/google/sql/instance-iam-database-authentication/prod.logic.yaml
repo-manager policies generate DEBUG /ce/ca/google/sql/instance-iam-database-authentication/prod.logic.yaml
repo-manager policies generate CAPTURE_TEST_DATA /ce/ca/google/sql/instance-iam-database-authentication/prod.logic.yaml
repo-manager policies generate TESTS /ce/ca/google/sql/instance-iam-database-authentication/prod.logic.yaml
# Execute tests
repo-manager policies test /ce/ca/google/sql/instance-iam-database-authentication/prod.logic.yaml
Content
---
inputType: "CA10__CaGoogleSqlInstance__c"
testData:
- file: test-data.json
importExtracts:
- file: /types/CA10__CaGoogleSqlInstance__c/object.extracts.yaml
conditions:
- status: "INAPPLICABLE"
currentStateMessage: "IAM database authentication is applicable only to Cloud SQL for MySQL and PostgreSQL instances."
check:
NOT:
arg:
OR:
args:
- CONTAINS:
arg:
EXTRACT: "CA10__databaseVersion__c"
search:
TEXT: "MYSQL"
- CONTAINS:
arg:
EXTRACT: "CA10__databaseVersion__c"
search:
TEXT: "POSTGRES"
- status: "COMPLIANT"
currentStateMessage: "IAM database authentication is enabled for this Cloud SQL PostgreSQL instance."
check:
AND:
args:
- CONTAINS:
arg:
EXTRACT: "CA10__databaseVersion__c"
search:
TEXT: "POSTGRES"
- IS_EQUAL:
left:
EXTRACT: "caJsonText__databaseFlagsCloudsqlIamAuthenticationFlagValue__c"
right:
TEXT: "on"
- status: "COMPLIANT"
currentStateMessage: "IAM database authentication is enabled for this Cloud SQL MySQL instance."
check:
AND:
args:
- CONTAINS:
arg:
EXTRACT: "CA10__databaseVersion__c"
search:
TEXT: "MYSQL"
- IS_EQUAL:
left:
EXTRACT: "caJsonText__databaseFlagsCloudsqlIamAuthenticationMysqlFlagValue__c"
right:
TEXT: "on"
otherwise:
status: "INCOMPLIANT"
currentStateMessage: "IAM database authentication is not enabled for this Cloud SQL instance."
remediationMessage: "Enable IAM database authentication for the Cloud SQL instance."